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DETAILED ACTION 
Response to Arguments 

1. Applicant's arguments filed 14 February 2005 have been fully considered but they are not 
persuasive. 

2. In response to applicant's argument that the references fail to show certain features of 
applicant's invention, it is noted that the features upon which applicant relies (i.e., any 
processing protocol between the server and client which would minimize data transfers between 
the server and the client) are not recited in the rejected claim(s). Although the claims are 
interpreted in light of the specification, limitations from the specification are not read into the 
claims. See In re Van Geuns, 988 F.2d 1 181, 26 USPQ2d 1057 (Fed. Cir. 1993). 

3. Applicant's argument that the terminal in Peyret is not able to read the content of the 
messages from the server is not persuasive because Peyret discloses a communication interface 
between the terminal and the server (Fig. 4, 90, 92). 

4. Applicant's argument that Chen does not describe a chipcard is not persuasive because 
Chen discloses that the application programs are unpacked and transferred to memory expansion 
cards (Col. 8, line 66 - Col. 9, line 3), which is a memory chip card. The fact that Chen uses a 
memory chip card and not a smart card is irrelevant since the claims require a chip card. 

5. Applicant's allegation that the portable computer of Chen was analogized to the chip card 
is not persuasive because in the Office Action dated 13 January 2005, the portable computer was 
analogized to the terminal and the memory chip card is analogized to the chip card. Therefore, 
Chen's method for installing an application wherein a desktop manager on the user terminal 
unpacks the application program before installing the program on the memory chip card (Col. 8, 



Application/Control Number: 09/679,333 Page 3 

Art Unit: 2132 

line 66 - Col. 9, line 22), meets the limitation of unpacking of the data packet by the client, and 
transmission of the individual commands from the packet in sequence to the chipcard. 

6. Applicant's argument that the rationale for combining Chen and Peyret is deficient 
because there is not input or interface capability on a chipcard or smart card is not persuasive 
because as is well known in the art the memory chip card of Chen is used with the portable 
computer, which contains a user interface and display, and the smart card of Peyret is used with a 
terminal that also has a user interface (Col. 7, lines 43-49). 

7. In response to applicant's argument that minimizing decisions required of a user is not 
relevant to the claimed functionality of Applicant's process, the fact that applicant has 
recognized another advantage which would flow naturally from following the suggestion of the 
prior art cannot be the basis for patentability when the differences would otherwise be obvious. 
See Ex parte Obiaya, 227 USPQ 58, 60 (Bd. Pat. App. & Inter. 1985). 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

9. The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 
(1966), that are applied for establishing a background for determining obviousness under 35 
U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 
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4. Considering objective evidence present in the application indicating obviousness 
or nonobviousness. 

10. Claims 1, 4, 6, 8, 12-15, 17, 18, 20 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Peyret, U.S. Patent No. 5,923,884, in view of Chen, U.S. Patent No. 
6,360,364, and further in view of Zumkehr, U.S. Patent No. 5,974,529. Referring to claims 1, 4, 
6, 12-15, 17, Peyret discloses a method for loading applications onto a smart card wherein the 
system includes a smart card, terminal (client), and a server (Fig. 4). The smart card has a first 
interface system that may connect the smart card to the terminal and second interface to connect 
the terminal to the server (Fig. 4 & Col. 7, lines 33-39). When the smart card is connected to the 
terminal, the processor of the smart card, verifies the authenticity of the terminal and of the 
server and visa versa. If the server and the smart card authenticate each other, then the loader 
within the smart card begins the loading process (Col. 7, lines 42-67). Once an application is 
selected, which meets the limitation of loading a sequence of commands to download the 
application component to the chipcard, to be loaded the smart card authenticates the application 
code through the use of digital signatures (Col. 9, lines 50-53). Digital signatures utilize private 
or secret keys, which meet the limitation of delivery of a secret key or session key by the server, 
generation of a digital signature with the secret key or session key by way of each command 
within the command sequence, transmission of the signed command sequence as a data packet to 
the client. If the digital signature is valid then the application is loaded onto the smart card (Col. 
9, lines 54-57), which meets the limitation of checking of the digital signature and execution of 
the commands if the digital signature is correct. Peyret does not disclose that the application is 
unpacked at the user terminal before being installed on the smart card. Chen discloses a method 
for installing an application wherein a desktop manager on the user terminal unpacks the 
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application program before installing the program on the smart card (Col. 8, line 66 - Col. 9, line 
22), which meets the limitation of unpacking of the data packet by the client and transmission of 
the individual commands in sequence to the smart card. It would have been obvious to one of 
ordinary skill in the art at the time the invention was made to unpack the application program of 
Peyret on the user terminal before transferring the application to the smart card in order to 
minimize the decisions required of a user when installing an application as taught in Chen (Col. 
9, lines 24-26). Peyret does not disclose that each individual instruction of the application is 
digital signed. Zumkehr discloses a system for error detection wherein individual program 
instructions are digitally signed and later authenticated (Col. 2, lines 29-47). It would have been 
obvious to one of ordinary skill in the art at the time the invention was made for the application 
instructions of Peyret to be digitally signed in order to provide low detection latency as taught in 
Zumkehr (Col. 2, lines 47-50). 

Referring to claim 8, Peyret discloses that the cryptosystem used can be a public key 
cryptosystem (asymmetrical) (Col. 5, lines 31-33). 

11. Claims 2, 7, 10, 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Peyret, U.S. Patent No. 5,923,884, in view of Chen, U.S. Patent No, 6,360,364, and further in 
view of Zumkehr, U.S. Patent No. 5,974,529 as applied to claims 1-3, 17 above, and further in 
view of Everett, U.S. Patent No. 6,575,372. Referring to claims 2, 7, 10, 19, Peyret discloses a 
method for loading applications onto a smart card wherein the system includes a smart card, 
terminal (client), and a server (Fig. 4). The smart card has a first interface system that may 
connect the smart card to the terminal and second interface to connect the terminal to the server 
(Fig. 4 & Col. 7, lines 33-39). When the smart card is connected to the terminal, the processor of 
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the smart card, verifies the authenticity of the terminal and of the server and visa versa. If the 
server and the smart card authenticate each other, then the loader within the smart card begins 
the loading process (Col. 7, lines 42-67). Once an application is selected, which meets the 
limitation of loading a sequence of commands to download the application component to the 
chipcard, to be loaded the smart card authenticates the application code through the use of digital 
signatures (Col. 9, lines 50-53). Digital signatures utilize private or secret keys, which meet the 
limitation of delivery of a secret key or session key by the server, generation of a digital 
signature with the secret key or session key by way of each command within the command 
sequence, transmission of the signed command sequence as a data packet to the client. If the 
digital signature is valid then the application is loaded onto the smart card (Col. 9, lines 54-57), 
which meets the limitation of checking of the digital signature and execution of the commands if 
the digital signature is correct. Chen discloses a method for installing an application wherein a 
desktop manager on the user terminal unpacks the application program before installing the 
program on the smart card (Col. 8, line 66 - Col. 9, line 22), which meets the limitation of 
unpacking of the data packet by the client and transmission of the individual commands in 
sequence to the smart card. Zumkehr discloses a system for error detection wherein individual 
program instructions are digitally signed and later authenticated (Col. 2, lines 29-47). Peyret does 
not disclose that the keys are generated based on card identification data. Everett discloses an IC 
card loading system wherein to generate cryptographic keys for each individual IC card, a 
certificate authority uses card identification information transmitted from the terminal in order to 
generate individual key sets for the IC cards (Col. 5, lines 42-67). It would have been obvious to 
one of ordinary skill in the art at the time the invention was made for the cryptographic keys of 
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Peyret to be generated based on the IC card identification data in order to easily identify and 
authenticate the cards at a later point in time as taught in Everett (Col. 8, lines 25-34). 
12. Claim 16 is rejected under 35 U.S.C. 103(a) as being unpatentable over Peyret, U.S. 
Patent No. 5,923,884, in view of Chen, U.S. Patent No. 6,360,364, and further in view of 
Zumkehr, U.S. Patent No. 5,974,529 as applied to claims 1, 13 above, and further in view of 
Hanel, GB 2,314,948. Referring to claim 16, Peyret discloses a method for loading applications 
onto a smart card wherein the system includes a smart card, terminal (client), and a server (Fig. 
4). The smart card has a first interface system that may connect the smart card to the terminal 
and second interface to connect the terminal to the server (Fig. 4 & Col. 7, lines 33-39). When 
the smart card is connected to the terminal, the processor of the smart card, verifies the 
authenticity of the terminal and of the server and visa versa. If the server and the smart card 
authenticate each other, then the loader within the smart card begins the loading process (Col. 7, 
lines 42-67). Once an application is selected, which meets the limitation of loading a sequence of 
commands to download the application component to the chipcard, to be loaded the smart card 
authenticates the application code through the use of digital signatures (Col. 9, lines 50-53). 
Digital signatures utilize private or secret keys, which meet the limitation of delivery of a secret 
key or session key by the server, generation of a digital signature with the secret key or session 
key by way of each command within the command sequence, transmission of the signed 
command sequence as a data packet to the client. If the digital signature is valid then the 
application is loaded onto the smart card (Col. 9, lines 54-57), which meets the limitation of 
checking of the digital signature and execution of the commands if the digital signature is 
correct. Chen discloses a method for installing an application wherein a desktop manager on the 
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user terminal unpacks the application program before installing the program on the smart card 
(Col. 8, line 66 - Col. 9, line 22), which meets the limitation of unpacking of the data packet by 
the client and transmission of the individual commands in sequence to the smart card. Zumkehr 
discloses a system for error detection wherein individual program instructions are digitally 
signed and later authenticated (Col. 2, lines 29-47). Peyret does not disclose using message 
authentication codes in the command codes. Hanel discloses a chipcard data transfer method 
wherein message authentication codes are appended to commands (Page 1). It would have been 
obvious to one of ordinary skill in the art at the time the invention was made for the commands 
of Peyret to include a MAC because it is a known procedure as disclosed in Hanel (Page 1). 
13. Claim 5 is rejected under 35 U.S.C. 103(a) as being unpatentable over Peyret, U.S. Patent 
No. 5,923,884, in view of Chen, U.S. Patent No. 6,360,364, and further in view of Zumkehr, 
U.S. Patent No. 5,974,529 as applied to claim 1 above, and further in view of Klingman, U.S. 
Patent No. 5,729,594. Referring to claim 5, Peyret discloses a method for loading applications 
onto a smart card wherein the system includes a smart card, terminal (client), and a server (Fig. 
4). The smart card has a first interface system that may connect the smart card to the terminal 
and second interface to connect the terminal to the server (Fig. 4 & Col. 7, lines 33-39). When 
the smart card is connected to the terminal, the processor of the smart card, verifies the 
authenticity of the terminal and of the server and visa versa. If the server and the smart card 
authenticate each other, then the loader within the smart card begins the loading process (Col. 7, 
lines 42-67). Once an application is selected, which meets the limitation of loading a sequence of 
commands to download the application component to the chipcard, to be loaded the smart card 
authenticates the application code through the use of digital signatures (Col. 9, lines 50-53). 
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Digital signatures utilize private or secret keys, which meet the limitation of delivery of a secret 
key or session key by the server, generation of a digital signature with the secret key or session 
key by way of each command within the command sequence, transmission of the signed 
command sequence as a data packet to the client. If the digital signature is valid then the 
application is loaded onto the smart card (Col. 9, lines 54-57), which meets the limitation of 
checking of the digital signature and execution of the commands if the digital signature is 
correct. Chen discloses a method for installing an application wherein a desktop manager on the 
user terminal unpacks the application program before installing the program on the smart card 
(Col. 8, line 66 - Col. 9, line 22), which meets the limitation of unpacking of the data packet by 
the client and transmission of the individual commands in sequence to the smart card Zumkehr 
discloses a system for error detection wherein individual program instructions are digitally 
signed and later authenticated (Col 2, lines 29-47). Peyret does not disclose communication 
using SSL. Klingman discloses client server communications using SSL (Col 3, lines 32-36). It 
would have been obvious to one of ordinary skill in the art at the time the invention was made to 
use SSL in the communications of Peyret in order to provide a secure communication line as 
taught in Klingman (Col. 3, lines 37-39). 

14. Claim 9 is rejected under 35 U.S.C. 103(a) as being unpatentable over Peyret, U.S. Patent 
No. 5,923,8 84 3 ' in view of Chen, U.S. Patent No. 6,360,364, and further in view of Zumkehr, 
U.S. Patent No. 5,974,529 as applied to claims 1, 8 above, and further in view of Schneier. 
Referring to claim 9, Peyret discloses a method for loading applications onto a smart card 
wherein the system includes a smart card, terminal (client), and a server (Fig. 4). The smart card 
has a first interface system that may connect the smart card to the terminal and second interface 
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to connect the terminal to the server (Fig. 4 & Col. 7, lines 33-39). When the smart card is 
connected to the terminal, the processor of the smart card, verifies the authenticity of the 
terminal and of the server and visa versa. If the server and the smart card authenticate each other, 
then the loader within the smart card begins the loading process (Col. 7, lines 42-67). Once an 
application is selected, which meets the limitation of loading a sequence of commands to 
download the application component to the chipcard, to be loaded the smart card authenticates 
the application code through the use of digital signatures (Col. 9, lines 50-53). Digital signatures 
utilize private or secret keys, which meet the limitation of delivery of a secret key or session key 
by the server, generation of a digital signature with the secret key or session key by way of each 
command within the command sequence, transmission of the signed command sequence as a 
data packet to the client. If the digital signature is valid then the application is loaded onto the 
smart card (Col. 9, lines 54-57), which meets the limitation of checking of the digital signature 
and execution of the commands if the digital signature is correct. Chen discloses a method for 
installing an application wherein a desktop manager on the user terminal unpacks the application 
program before installing the program on the smart card (Col. 8, line 66 - Col. 9, line 22), which 
meets the limitation of unpacking of the data packet by the client and transmission of the 
individual commands in sequence to the smart card. Zumkehr discloses a system for error 
detection wherein individual program instructions are digitally signed and later authenticated 
(Col. 2, lines 29-47). Peyret discloses the use of pubic key cryptography but does not disclose the 
use of RSA. Schneier discloses that RSA is a form of public key cryptography (Page 366). It 
would have been obvious to one of ordinary skill in the art at the time the invention was made to 
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use RSA as the public key cryptographic method in Peyret because RSA is the most popular 
form of public key cryptography as disclosed in Schneier (Page 366-367). 

Conclusion 

15. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

16. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Benjamin E Lanier whose telephone number is 571-272-3805. 
The examiner can normally be reached on M-ThO 7:30am-5:00pm, F 7:30am-4pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 




Benjamin E. Lanier 
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SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



